From Newsgroup: comp.std.c
I can see since C99 (at least):
[Foreword]
deprecate ungetc at the beginning of a binary file
[Future library directions]
The use of ungetc on a binary stream where the file position
indicator is zero prior to the call is an obsolescent feature.
Dropping this feature is a bad idea and is likely to introduce
subtle bugs (possibly security issues) in software, which includes
GNU MPFR in mpfr_inp_str, for instance if some binary stream is
redirected to /dev/null (most streams are probably text streams,
but this is not controlled by libraries like MPFR).
Indeed, in practice, one may wish to handle EOF and other error
conditions after calling ungetc, which is currently safe, since
the standard says for EOF:
If the value of c equals that of the macro EOF, the operation fails
and the input stream is unchanged.
Code could easily be fixed by changing
ungetc (c, stream);
to
if (c != EOF)
ungetc (c, stream);
But why changing something that makes sense to undefined behavior,
probably without any benefit (no performance issues...)?
Shouldn't the C language tend to more safety?
--
Vincent Lefèvre <
vincent@vinc17.net> - Web: <
https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <
https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
--- Synchronet 3.19a-Linux NewsLink 1.113